Have you dined at Arby's recently?

Hundreds of thousands of customers’ credit and debit card information may have been stolen after it was discovered that malware had been installed on payment systems and cash registers at hundreds of Arby’s restaurants in the U.S.

Arby’s was not made aware of the security breach until mid-January. At the request of the FBI the company did not go public about the incident, which could involve over 355,000 different credit and debit cards.

With over 3,330 restaurants in the United States, the breach may have affected hundreds of the chain’s locations but no franchises were affected, according to Krebs on Security. Approximately one –third of Arby’s stores are corporate-owned.

Arby's is working with law enforcement and computer security companies to investigate and the malware has since been removed from affected systems.

“Upon learning of the incident, ARG immediately notified law enforcement and enlisted the expertise of leading security experts, including Mandiant,” an Arby's spokesman said in a statement provided to Krebs on Security.

“While the investigation is ongoing, ARG quickly took measures to contain this incident and eradicate the malware from systems at restaurants that were impacted.”

In Jan. 2016, a similar security breach affected Wendy's where hundreds of thousands of cards were compromised.


A non-public alert issued by PSCU, a service organization serving over 800 credit unions, advised member banks that they had received long lists of compromised cards numbers from Visa and MasterCard. The alert stated that a breach an unnamed retailer had affected over 355,000 cards issued by PCSU member banks.

Credit card security breaches can occur at point of sale registers when malware is installed through a hacked remote administration tool. From there, hackers can retrieve information from each card swiped at that cash register.

According to Krebs, the Arby’s breach most likely occurred between Oct. 25, 2016 and Jan. 19.